diff options
Diffstat (limited to 'crypto/conf/conf_mod.c')
| -rw-r--r-- | crypto/conf/conf_mod.c | 152 |
1 files changed, 51 insertions, 101 deletions
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index e2a9a81678ed..df53609cc47e 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -1,68 +1,18 @@ -/* conf_mod.c */ /* - * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project - * 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ +#include "internal/cryptlib.h" #include <stdio.h> #include <ctype.h> #include <openssl/crypto.h> -#include "cryptlib.h" -#include <openssl/conf.h> -#include <openssl/dso.h> +#include "internal/conf.h" +#include "internal/dso.h" #include <openssl/x509.h> #define DSO_mod_init_name "OPENSSL_init" @@ -106,16 +56,16 @@ static STACK_OF(CONF_IMODULE) *initialized_modules = NULL; static void module_free(CONF_MODULE *md); static void module_finish(CONF_IMODULE *imod); -static int module_run(const CONF *cnf, char *name, char *value, +static int module_run(const CONF *cnf, const char *name, const char *value, unsigned long flags); static CONF_MODULE *module_add(DSO *dso, const char *name, conf_init_func *ifunc, conf_finish_func *ffunc); -static CONF_MODULE *module_find(char *name); -static int module_init(CONF_MODULE *pmod, char *name, char *value, +static CONF_MODULE *module_find(const char *name); +static int module_init(CONF_MODULE *pmod, const char *name, const char *value, const CONF *cnf); -static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value, - unsigned long flags); +static CONF_MODULE *module_load_dso(const CONF *cnf, const char *name, + const char *value); /* Main function: load modules from a CONF structure */ @@ -166,7 +116,7 @@ int CONF_modules_load_file(const char *filename, const char *appname, CONF *conf = NULL; int ret = 0; conf = NCONF_new(NULL); - if (!conf) + if (conf == NULL) goto err; if (filename == NULL) { @@ -195,7 +145,7 @@ int CONF_modules_load_file(const char *filename, const char *appname, return ret; } -static int module_run(const CONF *cnf, char *name, char *value, +static int module_run(const CONF *cnf, const char *name, const char *value, unsigned long flags) { CONF_MODULE *md; @@ -205,7 +155,7 @@ static int module_run(const CONF *cnf, char *name, char *value, /* Module not found: try to load DSO */ if (!md && !(flags & CONF_MFLAGS_NO_DSO)) - md = module_load_dso(cnf, name, value, flags); + md = module_load_dso(cnf, name, value); if (!md) { if (!(flags & CONF_MFLAGS_SILENT)) { @@ -220,6 +170,7 @@ static int module_run(const CONF *cnf, char *name, char *value, if (ret <= 0) { if (!(flags & CONF_MFLAGS_SILENT)) { char rcode[DECIMAL_SIZE(ret) + 1]; + CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR); BIO_snprintf(rcode, sizeof(rcode), "%-8d", ret); ERR_add_error_data(6, "module=", name, ", value=", value, @@ -231,13 +182,13 @@ static int module_run(const CONF *cnf, char *name, char *value, } /* Load a module from a DSO */ -static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value, - unsigned long flags) +static CONF_MODULE *module_load_dso(const CONF *cnf, + const char *name, const char *value) { DSO *dso = NULL; conf_init_func *ifunc; conf_finish_func *ffunc; - char *path = NULL; + const char *path = NULL; int errcode = 0; CONF_MODULE *md; /* Look for alternative path in module section */ @@ -266,8 +217,7 @@ static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value, return md; err: - if (dso) - DSO_free(dso); + DSO_free(dso); CONFerr(CONF_F_MODULE_LOAD_DSO, errcode); ERR_add_error_data(4, "module=", name, ", path=", path); return NULL; @@ -282,21 +232,22 @@ static CONF_MODULE *module_add(DSO *dso, const char *name, supported_modules = sk_CONF_MODULE_new_null(); if (supported_modules == NULL) return NULL; - tmod = OPENSSL_malloc(sizeof(CONF_MODULE)); - if (tmod == NULL) + if ((tmod = OPENSSL_zalloc(sizeof(*tmod))) == NULL) { + CONFerr(CONF_F_MODULE_ADD, ERR_R_MALLOC_FAILURE); return NULL; + } tmod->dso = dso; - tmod->name = BUF_strdup(name); + tmod->name = OPENSSL_strdup(name); + tmod->init = ifunc; + tmod->finish = ffunc; if (tmod->name == NULL) { OPENSSL_free(tmod); return NULL; } - tmod->init = ifunc; - tmod->finish = ffunc; - tmod->links = 0; if (!sk_CONF_MODULE_push(supported_modules, tmod)) { + OPENSSL_free(tmod->name); OPENSSL_free(tmod); return NULL; } @@ -310,7 +261,7 @@ static CONF_MODULE *module_add(DSO *dso, const char *name, * initialized more than once. */ -static CONF_MODULE *module_find(char *name) +static CONF_MODULE *module_find(const char *name) { CONF_MODULE *tmod; int i, nchar; @@ -324,7 +275,7 @@ static CONF_MODULE *module_find(char *name) for (i = 0; i < sk_CONF_MODULE_num(supported_modules); i++) { tmod = sk_CONF_MODULE_value(supported_modules, i); - if (!strncmp(tmod->name, name, nchar)) + if (strncmp(tmod->name, name, nchar) == 0) return tmod; } @@ -333,7 +284,7 @@ static CONF_MODULE *module_find(char *name) } /* initialize a module */ -static int module_init(CONF_MODULE *pmod, char *name, char *value, +static int module_init(CONF_MODULE *pmod, const char *name, const char *value, const CONF *cnf) { int ret = 1; @@ -341,13 +292,13 @@ static int module_init(CONF_MODULE *pmod, char *name, char *value, CONF_IMODULE *imod = NULL; /* Otherwise add initialized module to list */ - imod = OPENSSL_malloc(sizeof(CONF_IMODULE)); - if (!imod) + imod = OPENSSL_malloc(sizeof(*imod)); + if (imod == NULL) goto err; imod->pmod = pmod; - imod->name = BUF_strdup(name); - imod->value = BUF_strdup(value); + imod->name = OPENSSL_strdup(name); + imod->value = OPENSSL_strdup(value); imod->usr_data = NULL; if (!imod->name || !imod->value) @@ -387,10 +338,8 @@ static int module_init(CONF_MODULE *pmod, char *name, char *value, memerr: if (imod) { - if (imod->name) - OPENSSL_free(imod->name); - if (imod->value) - OPENSSL_free(imod->value); + OPENSSL_free(imod->name); + OPENSSL_free(imod->value); OPENSSL_free(imod); } @@ -428,8 +377,7 @@ void CONF_modules_unload(int all) /* unload a single module */ static void module_free(CONF_MODULE *md) { - if (md->dso) - DSO_free(md->dso); + DSO_free(md->dso); OPENSSL_free(md->name); OPENSSL_free(md); } @@ -451,6 +399,8 @@ void CONF_modules_finish(void) static void module_finish(CONF_IMODULE *imod) { + if (!imod) + return; if (imod->pmod->finish) imod->pmod->finish(imod); imod->pmod->links--; @@ -470,7 +420,7 @@ int CONF_module_add(const char *name, conf_init_func *ifunc, return 0; } -void CONF_modules_free(void) +void conf_modules_free_int(void) { CONF_modules_finish(); CONF_modules_unload(1); @@ -527,28 +477,28 @@ void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data) char *CONF_get1_default_config_file(void) { - char *file; + char *file, *sep = ""; int len; - file = getenv("OPENSSL_CONF"); - if (file) - return BUF_strdup(file); + if (!OPENSSL_issetugid()) { + file = getenv("OPENSSL_CONF"); + if (file) + return OPENSSL_strdup(file); + } len = strlen(X509_get_default_cert_area()); #ifndef OPENSSL_SYS_VMS len++; + sep = "/"; #endif len += strlen(OPENSSL_CONF); file = OPENSSL_malloc(len + 1); - if (!file) + if (file == NULL) return NULL; - BUF_strlcpy(file, X509_get_default_cert_area(), len + 1); -#ifndef OPENSSL_SYS_VMS - BUF_strlcat(file, "/", len + 1); -#endif - BUF_strlcat(file, OPENSSL_CONF, len + 1); + BIO_snprintf(file, len + 1, "%s%s%s", X509_get_default_cert_area(), + sep, OPENSSL_CONF); return file; } |